WO2023004656A1 - Procédé et appareil de communication directe, équipement utilisateur et support de stockage - Google Patents

Procédé et appareil de communication directe, équipement utilisateur et support de stockage Download PDF

Info

Publication number
WO2023004656A1
WO2023004656A1 PCT/CN2021/109087 CN2021109087W WO2023004656A1 WO 2023004656 A1 WO2023004656 A1 WO 2023004656A1 CN 2021109087 W CN2021109087 W CN 2021109087W WO 2023004656 A1 WO2023004656 A1 WO 2023004656A1
Authority
WO
WIPO (PCT)
Prior art keywords
prose
security policy
initiating
signaling
strategy
Prior art date
Application number
PCT/CN2021/109087
Other languages
English (en)
Chinese (zh)
Inventor
洪伟
Original Assignee
北京小米移动软件有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 北京小米移动软件有限公司 filed Critical 北京小米移动软件有限公司
Priority to EP21951268.8A priority Critical patent/EP4380294A1/fr
Priority to PCT/CN2021/109087 priority patent/WO2023004656A1/fr
Priority to CN202180002265.3A priority patent/CN115885533A/zh
Publication of WO2023004656A1 publication Critical patent/WO2023004656A1/fr

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03Protecting confidentiality, e.g. by encryption
    • H04W12/033Protecting confidentiality, e.g. by encryption of the user plane, e.g. user's traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10Integrity
    • H04W12/106Packet or message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W76/00Connection management
    • H04W76/10Connection setup
    • H04W76/14Direct-mode setup

Definitions

  • the present disclosure relates to the field of communication technologies, and in particular, to a direct connection communication method, device, user equipment, and storage medium.
  • Prose Proximity based Service, proximity communication service
  • UEs User Equipment, user equipment
  • the direct connection communication method, device, user equipment and storage medium proposed in the present disclosure are used to ensure the security of direct connection communication between UEs in the Prose service.
  • the direct connection communication method proposed by an embodiment of the present disclosure is applied to receive ProSe UE, including:
  • the direct connection communication method proposed by another embodiment of the present disclosure is applied to initiate ProSe UE, including:
  • the direct connection communication device proposed by the embodiment includes:
  • An acquisition module configured to acquire a security policy corresponding to the ProSe service
  • the communication module is used to establish direct communication security with the initiating ProSe UE based on the security policy.
  • the direct connection communication device proposed by the embodiment includes:
  • An acquisition module configured to acquire a security policy corresponding to the ProSe service
  • the communication module is used to establish direct communication security with the receiving ProSe UE based on the security policy.
  • a user equipment provided by an embodiment of another aspect of the present disclosure includes: a transceiver; a memory; and a processor, which are respectively connected to the transceiver and the memory, and configured to execute computer-executable instructions on the memory, The wireless signal transmission and reception of the transceiver is controlled, and the method provided in the embodiment of the above yet another aspect can be realized.
  • the computer storage medium provided by the embodiment, wherein the computer storage medium stores computer-executable instructions; after the computer-executable instructions are executed by a processor, the method as described above can be implemented.
  • the receiving ProSe UE can obtain the security policy corresponding to the ProSe service, and based on the obtained security policy and the initiating ProSe UE Establish direct communication security. Therefore, in the embodiment of the present disclosure, the security policy corresponding to the ProSe service can be configured for the UE, so that the receiving ProSe UE and the initiating ProSe UE can establish direct communication security based on the security policy. Therefore, the security of direct communication between UEs in the ProSe service is ensured, and the security of information transmission is improved.
  • FIG. 1 is a schematic flowchart of a direct communication method provided by an embodiment of the present disclosure
  • FIG. 2 is a schematic flowchart of a direct communication method provided by another embodiment of the present disclosure.
  • FIG. 3 is a schematic flowchart of a direct communication method provided by another embodiment of the present disclosure.
  • FIG. 4 is a schematic flowchart of a direct communication method provided by another embodiment of the present disclosure.
  • FIG. 5 is a schematic flowchart of a direct communication method provided by another embodiment of the present disclosure.
  • FIG. 6 is a schematic flowchart of a direct communication method provided by another embodiment of the present disclosure.
  • FIG. 7 is a schematic flowchart of a direct communication method provided by another embodiment of the present disclosure.
  • FIG. 8 is a schematic flowchart of a direct communication method provided by another embodiment of the present disclosure.
  • FIG. 9 is a schematic flowchart of a direct communication method provided by another embodiment of the present disclosure.
  • FIG. 10 is a schematic flowchart of a direct communication method provided by another embodiment of the present disclosure.
  • FIG. 11 is a schematic flowchart of a direct communication method provided by another embodiment of the present disclosure.
  • FIG. 12 is a schematic flowchart of a direct communication method provided by another embodiment of the present disclosure.
  • FIG. 13 is a schematic flowchart of a direct communication method provided by another embodiment of the present disclosure.
  • FIG. 14 is a schematic flowchart of a direct communication method provided by another embodiment of the present disclosure.
  • FIG. 15 is a schematic flowchart of a direct communication method provided by another embodiment of the present disclosure.
  • FIG. 16 is a schematic flowchart of a direct communication method provided by another embodiment of the present disclosure.
  • FIG. 17 is a schematic flowchart of a direct communication method provided by another embodiment of the present disclosure.
  • FIG. 18 is a schematic flowchart of a direct communication method provided by another embodiment of the present disclosure.
  • FIG. 19 is a schematic flowchart of a direct communication method provided by another embodiment of the present disclosure.
  • FIG. 20 is a schematic flowchart of a direct communication method provided by another embodiment of the present disclosure.
  • Fig. 21 is a schematic structural diagram of a direct communication device provided by an embodiment of the present disclosure.
  • Fig. 22 is a schematic structural diagram of a direct communication device provided by another embodiment of the present disclosure.
  • Fig. 23 is a block diagram of a user equipment provided by an embodiment of the present disclosure.
  • first, second, third, etc. may use the terms first, second, third, etc. to describe various information, the information should not be limited to these terms. These terms are only used to distinguish information of the same type from one another. For example, without departing from the scope of the embodiments of the present disclosure, first information may also be called second information, and similarly, second information may also be called first information.
  • first information may also be called second information
  • second information may also be called first information.
  • the words "if” and "if” as used herein may be interpreted as “at” or "when” or "in response to a determination.”
  • the receiving ProSe UE can obtain the security policy corresponding to the ProSe service, and establish direct connection communication security with the initiating ProSe UE based on the obtained security policy. Therefore, in the embodiment of the present disclosure, the security policy corresponding to the ProSe service can be configured for the UE, so that the receiving ProSe UE and the initiating ProSe UE can establish direct communication security based on the security policy. Therefore, the security of direct communication between UEs in the ProSe service is ensured, and the security of information transmission is improved.
  • FIG. 1 is a schematic flow diagram of a direct communication method provided by an embodiment of the present disclosure, which is applied to receive a ProSe UE. As shown in FIG. 1, the direct communication method may include the following steps:
  • Step 101 acquire the security policy corresponding to the ProSe service.
  • a UE may be a device that provides voice and/or data connectivity to a user.
  • UE can communicate with one or more core networks via RAN (Radio Access Network, wireless access network).
  • RAN Radio Access Network, wireless access network
  • UE can be an Internet of Things terminal, such as a sensor device, a mobile phone (or called a "cellular" phone) and a device with an Internet of Things
  • the computer of the terminal for example, may be a fixed, portable, pocket, hand-held, computer-built-in or vehicle-mounted device.
  • station Station, STA
  • subscriber unit subscriber unit
  • subscriber station subscriber station
  • mobile station mobile station
  • mobile station mobile
  • remote station remote station
  • access point remote terminal
  • user terminal or user agent.
  • the UE may also be a device of an unmanned aerial vehicle.
  • the UE may also be a vehicle-mounted device, for example, it may be a trip computer with a wireless communication function, or a wireless terminal connected externally to the trip computer.
  • the UE may also be a roadside device, for example, it may be a street lamp, a signal lamp, or other roadside devices with a wireless communication function.
  • a security policy corresponding to a ProSe service can be configured for each ProSe UE in advance, so that the ProSe UE can perform security protection on the PC5 interface of the ProSe UE based on the security policy.
  • the security policy corresponding to the ProSe service may specifically include the ProSe service to be protected and the security policy corresponding to the ProSe service to be protected.
  • the security policy may specifically include at least one of the following:
  • the security policy may be any one of the above-mentioned policies. In another embodiment of the present disclosure, the security policy may be any combination of the above policies.
  • the above-mentioned signaling integrity protection policy and signaling encryption protection policy belong to the signaling security policy; the above-mentioned UP integrity protection policy and UP encryption protection policy belong to the UP security strategy.
  • the security policy may include: REQUIRED (protection required); NOT NEEDED (protection not required); PREFERRED (optional protection).
  • the signaling integrity protection policy may include: REQUIRED; or, NOT NEEDED; or, PREFERRED.
  • the signaling encryption protection policy may include: REQUIRED; or, NOT NEEDED; or, PREFERRED.
  • the UP integrity protection policy may include: REQUIRED; or, NOT NEEDED; or, PREFERRED.
  • the UP encryption protection policy may include: REQUIRED; or, NOT NEEDED; or, PREFERRED.
  • REQUIRED may indicate that the ProSe UE needs security protection.
  • the security policy corresponding to the ProSe UE when the security policy corresponding to the ProSe UE is REQUIRED, the ProSe UE can only establish a secure connection with the ProSe UE whose security policy is also REQUIRED.
  • the security policy corresponding to the ProSe UE when the security policy corresponding to the ProSe UE is REQUIRED, the ProSe UE can only establish a connection with the ProSe UE using the non-NULL confidentiality algorithm or integrity algorithm.
  • NOT NEEDED can indicate that the ProSe UE does not need security protection, and, in one embodiment of the present disclosure, when the security policy corresponding to the ProSe UE is NOT NEEDED, the ProSe UE can only The ProSe UE with the same security policy as NOT NEEDED establishes a connection without security.
  • PREFERRED indicates that the ProSe UE may perform security protection, or may not perform security protection. And, in an embodiment of the present disclosure, when the security policy corresponding to the ProSe UE is PREFERRED, the ProSe UE can establish a secure connection with the ProSe UE whose security policy is REQUIRED, or with the ProSe UE whose security policy is NOT NEEDED ProSe UE establishes a connection without security.
  • the method for the ProSe UE to obtain the security policy corresponding to the ProSe service may include: obtaining the ProSe service and the protected ProSe service sent by the PCF (Policy Control Function, policy control function) The security policy corresponding to the ProSe service.
  • PCF Policy Control Function, policy control function
  • the method for the ProSe UE to obtain the security policy corresponding to the ProSe service may include: obtaining the ProSe service to be protected and the security policy corresponding to the ProSe service to be protected sent by the ProSe application server .
  • the ProSe application server may send the security policy corresponding to the ProSe service to the ProSe UE through the PCF.
  • the ProSe application server may send the security policy corresponding to the ProSe service to the ProSe UE through the PC1 interface.
  • the method for the ProSe UE to obtain the security policy corresponding to the ProSe service may include: obtaining the ProSe service configured on the UICC (Universal Integrated Circuit Card, embedded universal integrated circuit card) to be protected and Security policy corresponding to the ProSe service to be protected.
  • UICC Universal Integrated Circuit Card, embedded universal integrated circuit card
  • the security policy when the ProSe UE obtains the security policy corresponding to the ProSe service, the security policy can be protected through NAS (Non Access Stratum, non-access) signaling security.
  • NAS Non Access Stratum, non-access
  • the NAS security may be established after the ProSe UE registers the ProSe service.
  • Step 102 establish direct communication with the initiating ProSe UE based on the security policy.
  • the receiving ProSe UE can obtain the security policy corresponding to the ProSe service, and establish direct communication security with the initiating ProSe UE based on the obtained security policy. Therefore, in the embodiment of the present disclosure, the security policy corresponding to the ProSe service can be configured for the UE, so that the receiving ProSe UE and the initiating ProSe UE can establish direct communication security based on the security policy. Therefore, the security of direct communication between UEs in the ProSe service is ensured, and the security of information transmission is improved.
  • FIG. 2 is a schematic flowchart of a direct communication method provided by another embodiment of the present disclosure, which is applied to receive ProSeUE. As shown in FIG. 2, the direct communication method may include the following steps:
  • Step 201 acquire the security policy corresponding to the ProSe service.
  • step 201 for the detailed introduction of step 201, reference may be made to the relevant introduction in the foregoing embodiments, and the embodiments of the present disclosure will not repeat them here.
  • Step 202 obtain the Direct Communication Request (direct communication request) message sent by the initiating ProSe UE, wherein the Direct Communication Request message includes the signaling security policy of the initiating ProSe UE.
  • Step 203 determine whether the signaling security policy of the initiating ProSe UE and the signaling security policy of the receiving ProSe UE meet the first preset condition.
  • the first preset condition may include at least one of the following:
  • the strategy for initiating the signaling integrity protection of the ProSe UE is NOT NEEDED, and the strategy for receiving the signaling integrity protection of the ProSe UE is REQUIRED;
  • the strategy for initiating ProSe UE's signaling encryption protection is NOT NEEDED, and the strategy for receiving ProSe UE's signaling encryption protection is REQUIRED;
  • the strategy for initiating the signaling integrity protection of the ProSe UE is REQUIRED, and the strategy for receiving the signaling integrity protection of the ProSe UE is NOT NEEDED;
  • the signaling encryption protection policy of the initiating ProSe UE is REQUIRED, and the signaling encryption protection policy of the receiving ProSe UE is NOT NEEDED.
  • the first preset condition may be any one of the above preset conditions. In another embodiment of the present disclosure, the first preset condition may be any combination of the above preset conditions.
  • the first preset condition includes the above two or more preset conditions, if the signaling security policy of the initiating ProSe UE and the signaling security policy of the receiving ProSe UE meet Any one of the preset conditions in the first preset condition, it is determined that the signaling security policy of the initiating ProSe UE and the signaling security policy of the receiving ProSe UE meet the first preset condition, otherwise it is determined that the signaling security policy of the ProSe UE is initiated and the signaling security policy of the receiving ProSe UE does not meet the first preset condition.
  • the signaling security policy of the initiating ProSe UE and the signaling security policy of the receiving ProSe UE meet the first preset condition it means that there is an existence between the initiating ProSe UE and the receiving ProSe UE. If the security policy conflicts, the two are not eligible for direct connection, go to step 204.
  • Step 204 Send a first rejection message to the initiating ProSe UE, where the first rejection message is used to reject the Direct Communication Request message sent by the initiating ProSe UE.
  • the receiving ProSe UE can obtain the security policy corresponding to the ProSe service, and establish direct communication security with the initiating ProSe UE based on the obtained security policy. Therefore, in the embodiment of the present disclosure, the security policy corresponding to the ProSe service can be configured for the UE, so that the receiving ProSe UE and the initiating ProSe UE can establish direct communication security based on the security policy. Therefore, the security of direct communication between UEs in the ProSe service is ensured, and the security of information transmission is improved.
  • Fig. 3 is a schematic flowchart of a direct connection communication method provided by another embodiment of the present disclosure, which is applied to receiving ProSeUE. As shown in Fig. 3, the direct connection communication method may include the following steps:
  • Step 301 acquire the security policy corresponding to the ProSe service.
  • Step 302 obtain the Direct Communication Request message sent by the initiating ProSe UE, wherein the Direct Communication Request message includes the signaling security policy of the initiating ProSe UE.
  • Step 303 determine whether the signaling security policy of the initiating ProSe UE and the signaling security policy of the receiving ProSe UE meet the first preset condition.
  • the process continues to step 304 .
  • Step 304 Determine the negotiation result of the signaling security policy based on the signaling security policy of the initiating ProSe UE and the signaling security policy of the receiving ProSe UE.
  • the negotiation result of the signaling security policy may include at least one of the following:
  • the negotiation result of the signaling security policy is determined, including:
  • the negotiation result of the signaling integrity protection strategy is determined to be NOT NEEDED . That is, when there is no security policy conflict between the receiving ProSe UE and the initiating ProSe UE, when there is a ProSe UE signaling integrity protection strategy of NOT NEEDED between the initiating ProSe UE and the receiving ProSe UE, The negotiation result of determining the signaling integrity protection policy is NOT NEEDED.
  • the negotiation result of the signaling integrity protection strategy is determined to be REQUIRED. That is, when there is no security policy conflict between the receiving ProSe UE and the initiating ProSe UE, when there is a ProSe UE whose signaling integrity protection strategy is REQUIRED between the initiating ProSe UE and the receiving ProSe UE, determine The negotiation result of the signaling integrity protection policy is REQUIRED.
  • the negotiation result of the signaling integrity protection strategy is determined to be REQUIRED or NOT NEEDED.
  • the negotiation result of the signaling encryption protection strategy is determined to be NOT NEEDED. That is, when there is no security policy conflict between the receiving ProSe UE and the initiating ProSe UE, when there is a ProSe UE whose signaling encryption protection policy is NOT NEEDED between the initiating ProSe UE and the receiving ProSe UE, determine The negotiation result of the signaling encryption protection policy is NOT NEEDED.
  • the negotiation result of the signaling encryption protection strategy is determined to be REQUIRED, that is, after receiving When there is no security policy conflict between the ProSe UE and the initiating ProSe UE, when there is a ProSe UE whose signaling encryption protection policy is REQUIRED between the initiating ProSe UE and the receiving ProSe UE, determine the policy of the signaling encryption protection
  • the negotiation result is REQUIRED.
  • the negotiation result of the signaling encryption protection strategy is determined to be REQUIRED or NOT NEEDED.
  • Step 305 Send a Direct Security Mode Command (direct security mode command) message to the initiating ProSe UE, wherein the Direct Security Mode Command message includes the negotiation result of the signaling security policy.
  • Direct Security Mode Command direct security mode command
  • the negotiation result of the signaling security policy included in the Direct Security Mode Command message may be the negotiation result determined in step 304 above.
  • the receiving ProSe UE can obtain the security policy corresponding to the ProSe service, and establish direct communication security with the initiating ProSe UE based on the obtained security policy. Therefore, in the embodiment of the present disclosure, the security policy corresponding to the ProSe service can be configured for the UE, so that the receiving ProSe UE and the initiating ProSe UE can establish direct communication security based on the security policy. Therefore, the security of direct communication between UEs in the ProSe service is ensured, and the security of information transmission is improved.
  • Fig. 4 is a schematic flow diagram of a direct connection communication method provided by another embodiment of the present disclosure, which is applied to receive a ProSe UE.
  • the direct connection communication method may include the following steps:
  • Step 401 acquire the security policy corresponding to the ProSe service.
  • Step 402 Obtain the Direct Communication Request message sent by the initiating ProSe UE, wherein the Direct Communication Request message includes the signaling security policy of the initiating ProSe UE.
  • Step 403 determine whether the signaling security policy of the initiating ProSe UE and the signaling security policy of the receiving ProSe UE meet the first preset condition.
  • step 404 if it is determined that the signaling security policy of the initiating ProSe UE and the signaling security policy of the receiving ProSe UE do not meet the first preset condition, it means that the communication between the initiating ProSe UE and the receiving ProSe UE If there is no security policy conflict, the two are eligible for direct connection, and step 404 is performed.
  • Step 404 Determine the negotiation result of the signaling security policy based on the signaling security policy of the initiating ProSe UE and the signaling security policy of the receiving ProSe UE.
  • Step 405 Send a Direct Security Mode Command (direct security mode command) message to the initiating ProSe UE, wherein the Direct Security Mode Command message includes the negotiation result of the signaling security policy.
  • Direct Security Mode Command direct security mode command
  • Step 406 Receive the second rejection message sent by the initiating ProSe UE, where the second rejection message is used to refuse to receive the Direct Security Mode Command message sent by the ProSe UE.
  • the initiating ProSe UE when the initiating ProSe UE receives the Direct Security Mode Command message sent by the receiving ProSe UE, it will determine the security algorithm corresponding to the negotiation result of the signaling security policy included in the Direct Security Mode Command message Whether the security algorithm corresponding to the signaling security policy of the UE that initiates the ProSe is consistent.
  • the initiating ProSe UE when the initiating ProSe UE judges that the security algorithm corresponding to the negotiation result of the signaling security policy included in the Direct Security Mode Command message is inconsistent with the security algorithm corresponding to its own signaling security policy, It means that the receiving ProSe UE and the sending ProSe UE do not have the protection direct connection qualification, then the initiating ProSe UE sends a second rejection message to the receiving ProSe UE to refuse to receive the Direct Security Mode Command message sent by the ProSe UE.
  • the receiving ProSe UE can obtain the security policy corresponding to the ProSe service, and establish direct communication security with the initiating ProSe UE based on the obtained security policy. Therefore, in the embodiment of the present disclosure, the security policy corresponding to the ProSe service can be configured for the UE, so that the receiving ProSe UE and the initiating ProSe UE can establish direct communication security based on the security policy. Therefore, the security of direct communication between UEs in the ProSe service is ensured, and the security of information transmission is improved.
  • Fig. 5 is a schematic flow diagram of a direct connection communication method provided by another embodiment of the present disclosure, which is applied to receive a ProSe UE. As shown in Fig. 5, the direct connection communication method may include the following steps:
  • Step 501 acquire the security policy corresponding to the ProSe service.
  • Step 502 Obtain the Direct Communication Request message sent by the initiating ProSe UE, wherein the Direct Communication Request message includes the signaling security policy of the initiating ProSe UE.
  • Step 503 determine whether the signaling security policy of the initiating ProSe UE and the signaling security policy of the receiving ProSe UE meet the first preset condition.
  • step 504 if it is determined that the signaling security policy of the initiating ProSe UE and the signaling security policy of the receiving ProSe UE do not meet the first preset condition, it means that the communication between the initiating ProSe UE and the receiving ProSe UE If there is no security policy conflict, the two are eligible for direct connection, and step 504 is performed.
  • Step 504 Determine the negotiation result of the signaling security policy based on the signaling security policy of the initiating ProSe UE and the signaling security policy of the receiving ProSe UE.
  • Step 505 Send a Direct Security Mode Command message to the initiating ProSe UE, wherein the Direct Security Mode Command message includes the negotiation result of the signaling security policy.
  • Step 506 judging whether the negotiation result of the signaling security policy is NOT NEEDED.
  • Step 507 Change the UP security policy of the receiving ProSe UE to NOT NEEDED.
  • the negotiation result of the signaling encryption protection strategy is NOT NEEDED, it means that the signaling between the initiating ProSe UE and the receiving ProSe UE does not need security protection and the negotiated encryption algorithm is NULL algorithm, at this time, the UP encryption protection policy of the receiving ProSe UE can also be changed to NOT NEEDED.
  • the receiving ProSe UE can obtain the security policy corresponding to the ProSe service, and establish direct communication security with the initiating ProSe UE based on the obtained security policy. Therefore, in the embodiment of the present disclosure, the security policy corresponding to the ProSe service can be configured for the UE, so that the receiving ProSe UE and the initiating ProSe UE can establish direct communication security based on the security policy. Therefore, the security of direct communication between UEs in the ProSe service is ensured, and the security of information transmission is improved.
  • FIG. 6 is a schematic flow diagram of a direct connection communication method provided by another embodiment of the present disclosure, which is applied to receive a ProSe UE. As shown in FIG. 6, the direct connection communication method may include the following steps:
  • Step 601 acquire the security policy corresponding to the ProSe service.
  • Step 602 Obtain the Direct Communication Request message sent by the initiating ProSe UE, wherein the Direct Communication Request message includes the signaling security policy of the initiating ProSe UE.
  • Step 603 determine whether the signaling security policy of the initiating ProSe UE and the signaling security policy of the receiving ProSe UE meet the first preset condition.
  • step 604 if it is determined that the signaling security policy of the initiating ProSe UE and the signaling security policy of the receiving ProSe UE do not meet the first preset condition, it means that the communication between the initiating ProSe UE and the receiving ProSe UE If there is no security policy conflict, the two are eligible for direct connection, and step 604 is performed.
  • Step 604 Determine the negotiation result of the signaling security policy based on the signaling security policy of the initiating ProSe UE and the signaling security policy of the receiving ProSe UE.
  • Step 605 Send a Direct Security Mode Command message to the initiating ProSe UE, wherein the Direct Security Mode Command message includes the negotiation result of the signaling security policy.
  • step 605 the signaling security policy negotiation between the receiving ProSe UE and the initiating ProSe UE is completed, and then the subsequent steps can be continued to negotiate between the receiving ProSe UE and the initiating ProSe UE.
  • UP security policy the signaling security policy negotiation between the receiving ProSe UE and the initiating ProSe UE is completed, and then the subsequent steps can be continued to negotiate between the receiving ProSe UE and the initiating ProSe UE.
  • the negotiation result of the signaling security policy determined in step 604 is REQUIRED, it is considered that signaling security is established between the receiving ProSe UE and the initiating ProSe UE. protection, then in the subsequent process, when the receiving ProSe UE interacts with the initiating ProSe UE, the exchanged messages will be protected by signaling security, ensuring the security of signaling transmission.
  • Step 606 Receive the Direct Security Mode Complete message sent by the initiating ProSe UE, wherein the Direct Security Mode Complete message includes the UP security policy of the initiating ProSe UE.
  • Step 607 Determine whether the UP security policy of the initiating ProSe UE and the UP security policy of the receiving ProSe UE meet the second preset condition.
  • the second preset condition may include at least one of the following:
  • the strategy for initiating UP integrity protection of ProSe UE is NOT NEEDED, and the strategy for receiving UP integrity protection of ProSe UE is REQUIRED;
  • the strategy of initiating UP encryption protection of ProSe UE is NOT NEEDED, and the strategy of receiving UP encryption protection of ProSe UE is REQUIRED;
  • the strategy for initiating the UP integrity protection of the ProSe UE is REQUIRED, and the strategy for receiving the UP integrity protection of the ProSe UE is NOT NEEDED;
  • the strategy for initiating UP encryption protection of ProSe UE is REQUIRED, and the strategy for receiving UP encryption protection of ProSe UE is NOT NEEDED.
  • the second preset condition may be only any one of the above preset conditions. In another embodiment of the present disclosure, the second preset condition may be any combination of the above preset conditions.
  • the second preset condition includes the above two or more preset conditions, if the UP security policy of the initiating ProSe UE and the UP security policy of the receiving ProSe UE satisfy the second For any one of the preset conditions, it is determined that the UP security policy for initiating the ProSe UE and the UP security policy for receiving the ProSe UE meet the second preset condition, otherwise it is determined to determine the UP security policy for initiating the ProSe UE and receiving the ProSe UE The UP security policy does not meet the second preset condition.
  • the UP security policy of the initiating ProSe UE and the UP security policy of the receiving ProSe UE meet the second preset condition it means that there is security between the initiating ProSe UE and the receiving ProSe UE. Policy conflict, the two are not eligible for direct connection, go to step 608.
  • the receiving ProSe UE before determining whether the UP security policy of the initiating ProSe UE and the UP security policy of the receiving ProSe UE meet the second preset condition in step 607, the receiving ProSe UE will first Judging whether the negotiation result of the signaling security policy determined in the above step 605 is NOT NEEDED, when it is NOT NEEDED, the UP security policy of the receiving ProSe UE will also be changed to NOT NEEDED.
  • Step 608 Send a third rejection message to the initiating ProSe UE, where the third rejection message is used to reject the Direct Security Mode Complete message sent by the initiating ProSe UE.
  • the receiving ProSe UE can obtain the security policy corresponding to the ProSe service, and establish direct communication security with the initiating ProSe UE based on the obtained security policy. Therefore, in the embodiment of the present disclosure, the security policy corresponding to the ProSe service can be configured for the UE, so that the receiving ProSe UE and the initiating ProSe UE can establish direct communication security based on the security policy. Therefore, the security of direct communication between UEs in the ProSe service is ensured, and the security of information transmission is improved.
  • FIG. 7 is a schematic flowchart of a direct connection communication method provided by another embodiment of the present disclosure, which is applied to receive ProSe UE. As shown in FIG. 7, the direct connection communication method may include the following steps:
  • Step 701 acquire the security policy corresponding to the ProSe service.
  • Step 702 Obtain the Direct Communication Request message sent by the initiating ProSe UE, wherein the Direct Communication Request message includes the signaling security policy of the initiating ProSe UE.
  • Step 703 determine whether the signaling security policy of the initiating ProSe UE and the signaling security policy of the receiving ProSe UE meet the first preset condition.
  • the process proceeds to step 704.
  • Step 704 Determine the negotiation result of the signaling security policy based on the signaling security policy of the initiating ProSe UE and the signaling security policy of the receiving ProSe UE.
  • Step 705 Send a Direct Security Mode Command message to the initiating ProSe UE, where the Direct Security Mode Command message includes the negotiation result of the signaling security policy.
  • Step 706 Receive the Direct Security Mode Complete message sent by the initiating ProSe UE, wherein the Direct Security Mode Complete message includes the UP security policy of the initiating ProSe UE.
  • Step 707 Determine whether the UP security policy of the initiating ProSe UE and the UP security policy of the receiving ProSe UE meet the second preset condition.
  • the process continues to step 708.
  • the receiving ProSe UE before determining whether the UP security policy of the initiating ProSe UE and the UP security policy of the receiving ProSe UE meet the second preset condition in step 707, the receiving ProSe UE will first Judging whether the negotiation result of the signaling security policy determined in the above step 705 is NOT NEEDED, when it is NOT NEEDED, the UP security policy of the receiving ProSe UE will also be changed to NOT NEEDED.
  • Step 708 Determine the negotiation result of the UP security policy based on the UP security policy of the initiating ProSe UE and the UP security policy of the receiving ProSe UE.
  • the negotiation result of the UP security policy may include at least one of the following:
  • the negotiation result of the UP security policy is determined based on the UP security policy of the initiating ProSe UE and the UP security policy of the receiving ProSe UE, including:
  • the negotiation result of the UP integrity protection policy is determined to be NOT NEEDED. That is, when there is no security policy conflict between the receiving ProSe UE and the initiating ProSe UE, when there is a ProSe UE whose UP integrity protection policy is NOT NEEDED between the initiating ProSe UE and the receiving ProSe UE, determine The negotiation result of the UP integrity protection policy is NOT NEEDED.
  • the UP integrity protection strategy of the initiating ProSe UE is REQUIRED, and/or, the UP integrity protection strategy of the receiving ProSe UE is REQUIRED, determine the negotiation result of the UP integrity protection strategy as REQUIRED. That is, when there is no security policy conflict between the receiving ProSe UE and the initiating ProSe UE, when there is a ProSe UE whose UP integrity protection policy is REQUIRED between the initiating ProSe UE and the receiving ProSe UE, determine the UP The negotiation result of the integrity protection policy is REQUIRED.
  • the UP integrity protection policy of the initiating ProSe UE is PREFERRED
  • the UP integrity protection policy of the receiving ProSe UE is PREFERRED
  • the UP encryption protection strategy of the initiating ProSe UE is NOT NEEDED, and/or, the UP encryption protection strategy of the receiving ProSe UE is NOT NEEDED, determine the negotiation result of the UP encryption protection strategy as NOT NEEDED. That is, when there is no security policy conflict between the receiving ProSe UE and the initiating ProSe UE, when there is a ProSe UE whose UP encryption protection policy is NOT NEEDED between the initiating ProSe UE and the receiving ProSe UE, determine the UP The negotiation result of encryption protection policy is NOT NEEDED.
  • the negotiation result of the UP encryption protection strategy is determined to be REQUIRED. That is, when there is no security policy conflict between the receiving ProSe UE and the initiating ProSe UE, when there is a ProSe UE whose UP encryption protection policy is REQUIRED between the initiating ProSe UE and the receiving ProSe UE, determine the UP encryption The negotiation result of the protected policy is REQUIRED.
  • the negotiation result of the UP encryption protection policy is REQUIRED or NOT NEEDED.
  • Step 709 Send a Direct Communication Accept message to the initiating ProSe UE, wherein the Direct Communication Accept message includes the negotiation result of the UP security policy.
  • the negotiation result of the UP security policy included in the Direct Communication Accept message may be the negotiation result determined in step 708 above.
  • the receiving ProSe UE can obtain the security policy corresponding to the ProSe service, and establish direct communication security with the initiating ProSe UE based on the obtained security policy. Therefore, in the embodiment of the present disclosure, the security policy corresponding to the ProSe service can be configured for the UE, so that the receiving ProSe UE and the initiating ProSe UE can establish direct communication security based on the security policy. Therefore, the security of direct communication between UEs in the ProSe service is ensured, and the security of information transmission is improved.
  • FIG. 8 is a schematic flowchart of a direct connection communication method provided by another embodiment of the present disclosure, which is applied to receive ProSe UE. As shown in FIG. 8, the direct connection communication method may include the following steps:
  • Step 801 acquire the security policy corresponding to the ProSe service.
  • Step 802 obtain the Direct Communication Request message sent by the initiating ProSe UE, wherein the Direct Communication Request message includes the signaling security policy of the initiating ProSe UE.
  • Step 803 determine whether the signaling security policy of the initiating ProSe UE and the signaling security policy of the receiving ProSe UE meet the first preset condition.
  • step 804 if it is determined that the signaling security policy of the initiating ProSe UE and the signaling security policy of the receiving ProSe UE do not meet the first preset condition, it means that the communication between the initiating ProSe UE and the receiving ProSe UE If there is no security policy conflict, the two are eligible for direct connection, and step 804 is performed.
  • Step 804 Determine the negotiation result of the signaling security policy based on the signaling security policy of the initiating ProSe UE and the signaling security policy of the receiving ProSe UE.
  • Step 805 Send a Direct Security Mode Command message to the initiating ProSe UE, wherein the Direct Security Mode Command message includes the negotiation result of the signaling security policy.
  • Step 806 Receive the Direct Security Mode Complete message sent by the initiating ProSe UE, wherein the Direct Security Mode Complete message includes the UP security policy of the initiating ProSe UE.
  • Step 807 determine whether the UP security policy of the initiating ProSe UE and the UP security policy of the receiving ProSe UE meet the second preset condition.
  • the process continues to step 808.
  • the receiving ProSe UE before determining whether the UP security policy of the initiating ProSe UE and the UP security policy of the receiving ProSe UE meet the second preset condition in step 807, the receiving ProSe UE will first Judging whether the negotiation result of the signaling security policy determined in the above step 804 is NOT NEEDED, when it is NOT NEEDED, the UP security policy of the receiving ProSe UE will also be changed to NOT NEEDED.
  • Step 808 Determine the negotiation result of the UP security policy based on the UP security policy of the initiating ProSe UE and the UP security policy of the receiving ProSe UE.
  • Step 809 Send a Direct Communication Accept message to the initiating ProSe UE, wherein the Direct Communication Accept message includes the negotiation result of the UP security policy.
  • Step 810 Perform direct communication with the initiating ProSe UE based on the negotiation result of the signaling security policy and the negotiation result of the UP security policy.
  • the receiving ProSe UE can obtain the security policy corresponding to the ProSe service, and establish direct communication security with the initiating ProSe UE based on the obtained security policy. Therefore, in the embodiment of the present disclosure, the security policy corresponding to the ProSe service can be configured for the UE, so that the receiving ProSe UE and the initiating ProSe UE can establish direct communication security based on the security policy. Therefore, the security of direct communication between UEs in the ProSe service is ensured, and the security of information transmission is improved.
  • FIG. 9 is a schematic flowchart of a direct connection communication method provided by another embodiment of the present disclosure, which is applied to initiate a ProSe UE. As shown in FIG. 9, the direct connection communication method may include the following steps:
  • Step 901 acquire the security policy corresponding to the ProSe service.
  • Step 902 establish direct communication with the receiving ProSe UE based on the security policy.
  • the initiating ProSe UE can obtain the security policy corresponding to the ProSe service, and establish direct communication security with the receiving ProSe UE based on the obtained security policy. Therefore, in the embodiment of the present disclosure, the security policy corresponding to the ProSe service can be configured for the UE, so that the receiving ProSe UE and the initiating ProSe UE can establish direct communication security based on the security policy. Therefore, the security of direct communication between UEs in the ProSe service is ensured, and the security of information transmission is improved.
  • FIG. 10 is a schematic flowchart of a direct connection communication method provided by another embodiment of the present disclosure, which is applied to initiate a ProSe UE. As shown in FIG. 10 , the direct connection communication method may include the following steps:
  • Step 1001 acquire the security policy corresponding to the ProSe service.
  • step 1001 for a detailed introduction of step 1001, reference may be made to relevant introductions in the foregoing embodiments, and details are not described in this embodiment of the present disclosure.
  • Step 1002 Send a Direct Communication Request message to the receiving ProSe UE, wherein the Direct Communication Request message includes the signaling security policy of the initiating ProSe UE.
  • Step 1003 Obtain and receive the first rejection message sent by the ProSe UE, where the first rejection message is used to reject the initiation of the Direct Communication Request message sent by the ProSe UE.
  • the receiving ProSe UE after the receiving ProSe UE obtains the Direct Communication Request message sent by the initiating ProSe UE, it will determine whether the signaling security policy of the initiating ProSe UE and the signaling security policy of the receiving ProSe UE satisfy the first preset conditions. And, in one embodiment of the present disclosure, if it is determined that the signaling security policy of the initiating ProSe UE and the signaling security policy of the receiving ProSe UE meet the first preset condition, it means that there is an existence between the initiating ProSe UE and the receiving ProSe UE. The security policy conflicts, and the two are not eligible for direct connection. The receiving ProSe UE will send the first rejection message to the initiating ProSe UE.
  • the initiating ProSe UE can obtain the security policy corresponding to the ProSe service, and establish direct communication security with the receiving ProSe UE based on the obtained security policy. Therefore, in the embodiment of the present disclosure, the security policy corresponding to the ProSe service can be configured for the UE, so that the receiving ProSe UE and the initiating ProSe UE can establish direct communication security based on the security policy. Therefore, the security of direct communication between UEs in the ProSe service is ensured, and the security of information transmission is improved.
  • FIG. 11 is a schematic flowchart of a direct connection communication method provided by another embodiment of the present disclosure, which is applied to initiate a ProSe UE. As shown in FIG. 11 , the direct connection communication method may include the following steps:
  • Step 1101 acquire the security policy corresponding to the ProSe service.
  • Step 1102 Send a Direct Communication Request message to the receiving ProSe UE, wherein the Direct Communication Request message includes the signaling security policy of the initiating ProSe UE.
  • Step 1103 obtain and receive the Direct Security Mode Command message sent by the ProSe UE, and the Direct Security Mode Command includes the negotiation result of the signaling security policy.
  • the receiving ProSe UE after the receiving ProSe UE obtains the Direct Communication Request message sent by the initiating ProSe UE, it will determine whether the signaling security policy of the initiating ProSe UE and the signaling security policy of the receiving ProSe UE satisfy the first preset conditions.
  • the receiving ProSe UE will determine the negotiation result of the signaling security policy based on the signaling security policy of the initiating ProSe UE and the signaling security policy of the receiving ProSe UE. Afterwards, a Direct Security Mode Command message will be sent to the initiating ProSe UE, wherein the Direct Security Mode Command message includes the negotiation result of the signaling security policy.
  • the initiating ProSe UE can obtain the security policy corresponding to the ProSe service, and establish direct communication security with the receiving ProSe UE based on the obtained security policy. Therefore, in the embodiment of the present disclosure, the security policy corresponding to the ProSe service can be configured for the UE, so that the receiving ProSe UE and the initiating ProSe UE can establish direct communication security based on the security policy. Therefore, the security of direct communication between UEs in the ProSe service is ensured, and the security of information transmission is improved.
  • FIG. 12 is a schematic flow diagram of a direct connection communication method provided by another embodiment of the present disclosure, which is applied to initiate a ProSe UE. As shown in FIG. 12 , the direct connection communication method may include the following steps:
  • Step 1201 acquire the security policy corresponding to the ProSe service.
  • Step 1202 Send a Direct Communication Request message to the receiving ProSe UE, wherein the Direct Communication Request message includes the signaling security policy of the initiating ProSe UE.
  • Step 1203 obtain and receive the Direct Security Mode Command message sent by the ProSe UE, and the Direct Security Mode Command includes the negotiation result of the signaling security policy.
  • Step 1204 judging whether the security algorithm corresponding to the signaling security policy of the receiving ProSe UE is consistent with the security algorithm corresponding to the signaling security policy of the initiating ProSe UE.
  • each signaling security policy has a corresponding security algorithm.
  • the security algorithm corresponding to the signaling security policy of the receiving ProSe UE may be consistent with the security algorithm corresponding to the signaling security policy of the initiating ProSe UE.
  • the security algorithm corresponding to the signaling security policy of the receiving ProSe UE may be inconsistent with the security algorithm corresponding to the signaling security policy of the initiating ProSe UE.
  • the initiating ProSe UE judges that the security algorithm corresponding to the signaling security policy of the receiving ProSe UE is inconsistent with the security algorithm corresponding to its own signaling security policy, it means that the receiving ProSe UE and The sending ProSe UEs are not eligible for protected direct connection, so continue to execute step 1205.
  • Step 1205 Send a second rejection message to the receiving ProSe UE, where the second rejection message is used to refuse to receive the Direct Security Mode Command message sent by the ProSe UE.
  • the initiating ProSe UE can obtain the security policy corresponding to the ProSe service, and establish direct communication security with the receiving ProSe UE based on the obtained security policy. Therefore, in the embodiment of the present disclosure, the security policy corresponding to the ProSe service can be configured for the UE, so that the receiving ProSe UE and the initiating ProSe UE can establish direct communication security based on the security policy. Therefore, the security of direct communication between UEs in the ProSe service is ensured, and the security of information transmission is improved.
  • Fig. 13 is a schematic flow diagram of a direct connection communication method provided by another embodiment of the present disclosure, which is applied to initiate a ProSe UE. As shown in Fig. 13, the direct connection communication method may include the following steps:
  • Step 1301 acquire the security policy corresponding to the ProSe service.
  • Step 1302 Send a Direct Communication Request message to the receiving ProSe UE, wherein the Direct Communication Request message includes the signaling security policy of the initiating ProSe UE.
  • Step 1303 obtain and receive the Direct Security Mode Command message sent by the ProSe UE, and the Direct Security Mode Command includes the negotiation result of the signaling security policy.
  • Step 1304 judging whether the negotiation result of the signaling security policy is NOT NEEDED.
  • Step 1305 change the UP security policy of the sending ProSe UE to NOT NEEDED.
  • the negotiation result of the signaling encryption protection policy is NOT NEEDED, it means that the signaling between the initiating ProSe UE and the receiving ProSe UE does not require security protection and the negotiated encryption algorithm is the NULL algorithm, at this time, the strategy for initiating the UP encryption protection of the ProSe UE can also be changed to NOT NEEDED.
  • the initiating ProSe UE can obtain the security policy corresponding to the ProSe service, and establish direct communication security with the receiving ProSe UE based on the obtained security policy. Therefore, in the embodiment of the present disclosure, the security policy corresponding to the ProSe service can be configured for the UE, so that the receiving ProSe UE and the initiating ProSe UE can establish direct communication security based on the security policy. Therefore, the security of direct communication between UEs in the ProSe service is ensured, and the security of information transmission is improved.
  • FIG. 14 is a schematic flowchart of a direct connection communication method provided by another embodiment of the present disclosure, which is applied to initiate a ProSe UE. As shown in FIG. 14 , the direct connection communication method may include the following steps:
  • Step 1401 acquire the security policy corresponding to the ProSe service.
  • Step 1402 Send a Direct Communication Request message to the receiving ProSe UE, wherein the Direct Communication Request message includes the signaling security policy of the initiating ProSe UE.
  • Step 1403 obtain and receive the Direct Security Mode Command message sent by the ProSe UE, and the Direct Security Mode Command includes the negotiation result of the signaling security policy.
  • Step 1404 judging whether the security algorithm corresponding to the signaling security policy of the receiving ProSe UE is consistent with the security algorithm corresponding to the signaling security policy of the initiating ProSe UE.
  • the initiating ProSe UE judges that the security algorithm corresponding to the signaling security policy of the receiving ProSe UE is consistent with the security algorithm corresponding to its own signaling security policy, it means that the receiving ProSe UE is the same as the sending The ProSe UEs are eligible for protection direct connection, and proceed to step 1405.
  • Step 1405 Send a Direct Security Mode Complete message to the receiving ProSe UE, wherein the Direct Security Mode Complete message includes the UP security policy of the initiating ProSe UE.
  • the initiating ProSe UE before sending the Direct Security Mode Complete message to the receiving ProSe UE in step 1405, the initiating ProSe UE will first judge the signaling security policy received in the above step 1403 Whether the negotiation result is NOT NEEDED, if it is NOT NEEDED, the UP security policy of the initiating ProSe UE will also be changed to NOT NEEDED. And, later, when sending the Direct Security Mode Complete message to the receiving ProSe UE, the Direct Security Mode Complete message specifically includes the changed UP security policy of the initiating ProSe UE.
  • Step 1406 acquire and receive the third rejection message sent by the ProSe UE, the third rejection message is used to reject the Direct Security Mode Complete message sent by the initiating ProSe UE.
  • the receiving ProSe UE After the receiving ProSe UE acquires the Direct Security Mode Complete message sent by the initiating ProSe UE, it will determine whether the UP security policy of the initiating ProSe UE and the UP security policy of the receiving ProSe UE meet the second predetermined requirement. set conditions.
  • the receiving ProSe UE if it is determined that the UP security policy of the initiating ProSe UE and the UP security policy of the receiving ProSe UE meet the second preset condition, it means that there is a security policy between the initiating ProSe UE and the receiving ProSe UE conflict, the two are not eligible for direct connection, and the receiving ProSe UE will send a third rejection message to the initiating ProSe UE.
  • the initiating ProSe UE can obtain the security policy corresponding to the ProSe service, and establish direct communication security with the receiving ProSe UE based on the obtained security policy. Therefore, in the embodiment of the present disclosure, the security policy corresponding to the ProSe service can be configured for the UE, so that the receiving ProSe UE and the initiating ProSe UE can establish direct communication security based on the security policy. Therefore, the security of direct communication between UEs in the ProSe service is ensured, and the security of information transmission is improved.
  • FIG. 15 is a schematic flowchart of a direct connection communication method provided by another embodiment of the present disclosure, which is applied to initiate a ProSe UE. As shown in FIG. 15 , the direct connection communication method may include the following steps:
  • Step 1501 acquire the security policy corresponding to the ProSe service.
  • Step 1502 Send a Direct Communication Request message to the receiving ProSe UE, wherein the Direct Communication Request message includes the signaling security policy of the initiating ProSe UE.
  • Step 1503 obtain and receive the Direct Security Mode Command message sent by the ProSe UE, and the Direct Security Mode Command includes the negotiation result of the signaling security policy.
  • Step 1504 judging whether the security algorithm corresponding to the signaling security policy of the receiving ProSe UE is consistent with the security algorithm corresponding to the signaling security policy of the initiating ProSe UE.
  • the initiating ProSe UE judges that the security algorithm corresponding to the signaling security policy of the receiving ProSe UE is consistent with the security algorithm corresponding to its own signaling security policy, it means that the receiving ProSe UE is the same as the sending The ProSe UEs are eligible for protected direct connection, and proceed to step 1505.
  • Step 1505 Send a Direct Security Mode Complete message to the receiving ProSe UE, and the Direct Security Mode Complete message includes the UP security policy of the initiating ProSe UE.
  • the initiating ProSe UE before sending the Direct Security Mode Complete message to the receiving ProSe UE in step 1405, the initiating ProSe UE will first judge the signaling security policy received in the above step 1403 Whether the negotiation result is NOT NEEDED, if it is NOT NEEDED, the UP security policy of the initiating ProSe UE will also be changed to NOT NEEDED. And, later, when sending the Direct Security Mode Complete message to the receiving ProSe UE, the Direct Security Mode Complete message specifically includes the changed UP security policy of the initiating ProSe UE.
  • Step 1506 obtain and receive the Direct Communication Accept message sent by the ProSe UE, the Direct Communication Accept message includes the negotiation result of the UP security policy.
  • the receiving ProSe UE after the receiving ProSe UE obtains the Direct Security Mode Complete message sent by the initiating ProSe UE, it will determine whether the UP security policy of the initiating ProSe UE and the UP security policy of the receiving ProSe UE satisfy the second predetermined condition. set conditions.
  • the receiving ProSe UE will determine the negotiation result of the UP security policy based on the UP security policy of the initiating ProSe UE and the UP security policy of the receiving ProSe UE. After that, send a Direct Communication Accept message to the initiating ProSe UE, wherein the Direct Communication Accept message includes the negotiation result of the UP security policy.
  • the initiating ProSe UE can obtain the security policy corresponding to the ProSe service, and establish direct communication security with the receiving ProSe UE based on the obtained security policy. Therefore, in the embodiment of the present disclosure, the security policy corresponding to the ProSe service can be configured for the UE, so that the receiving ProSe UE and the initiating ProSe UE can establish direct communication security based on the security policy. Therefore, the security of direct communication between UEs in the ProSe service is ensured, and the security of information transmission is improved.
  • FIG. 16 is a schematic flowchart of a direct connection communication method provided by another embodiment of the present disclosure, which is applied to initiate a ProSe UE. As shown in FIG. 16 , the direct connection communication method may include the following steps:
  • Step 1601 acquire the security policy corresponding to the ProSe service.
  • Step 1602 Send a Direct Communication Request message to the receiving ProSe UE, wherein the Direct Communication Request message includes the signaling security policy of the initiating ProSe UE.
  • Step 1603 obtain and receive the Direct Security Mode Command message sent by the ProSe UE, and the Direct Security Mode Command includes the negotiation result of the signaling security policy.
  • Step 1604 judging whether the security algorithm corresponding to the signaling security policy of the receiving ProSe UE is consistent with the security algorithm corresponding to the signaling security policy of the initiating ProSe UE.
  • the initiating ProSe UE judges that the security algorithm corresponding to the signaling security policy of the receiving ProSe UE is consistent with the security algorithm corresponding to its own signaling security policy, it means that the receiving ProSe UE is the same as the sending The ProSe UEs are eligible for protected direct connection, and proceed to step 1605.
  • Step 1605 Send a Direct Security Mode Complete message to the receiving ProSe UE, and the Direct Security Mode Complete message includes the UP security policy of the initiating ProSe UE.
  • the initiating ProSe UE before sending the Direct Security Mode Complete message to the receiving ProSe UE in step 1605, the initiating ProSe UE will first judge the signaling security policy received in the above step 1603 Whether the negotiation result is NOT NEEDED, if it is NOT NEEDED, the UP security policy of the initiating ProSe UE will also be changed to NOT NEEDED. And, later, when sending the Direct Security Mode Complete message to the receiving ProSe UE, the Direct Security Mode Complete message specifically includes the changed UP security policy of the initiating ProSe UE.
  • Step 1606 obtain and receive the Direct Communication Accept message sent by the ProSe UE, and the Direct Communication Accept message includes the negotiation result of the UP security policy.
  • Step 1607 Perform direct communication with the ProSe UE based on the negotiation result of the signaling security policy and the negotiation result of the UP security policy.
  • the initiating ProSe UE can obtain the security policy corresponding to the ProSe service, and establish direct communication security with the receiving ProSe UE based on the obtained security policy. Therefore, in the embodiment of the present disclosure, the security policy corresponding to the ProSe service can be configured for the UE, so that the receiving ProSe UE and the initiating ProSe UE can establish direct communication security based on the security policy. Therefore, the security of direct communication between UEs in the ProSe service is ensured, and the security of information transmission is improved.
  • FIG. 17 is a schematic flowchart of a direct connection communication method provided by another embodiment of the present disclosure, which is applied to receive ProSe UE. As shown in FIG. 17, the direct connection communication method may include the following steps:
  • Step 1701 acquire the security policy corresponding to the ProSe service.
  • Step 1702 Receive the Direct Security Mode Complete message sent by the initiating ProSe UE, wherein the Direct Security Mode Complete message includes the UP security policy of the initiating ProSe UE.
  • Step 1703 determine whether the UP security policy of the initiating ProSe UE and the UP security policy of the receiving ProSe UE meet the second preset condition, and if the second preset condition is met, perform step 1704.
  • the UP security policy of the initiating ProSe UE and the UP security policy of the receiving ProSe UE meet the second preset condition it means that there is a security policy between the initiating ProSe UE and the receiving ProSe UE Conflict, the two are not qualified to protect the direct connection, go to step 1704.
  • Step 1704 Send a third rejection message to the initiating ProSe UE, where the third rejection message is used to reject the Direct Security Mode Complete message sent by the initiating ProSe UE.
  • the receiving ProSe UE can obtain the security policy corresponding to the ProSe service, and establish direct communication security with the initiating ProSe UE based on the obtained security policy. Therefore, in the embodiment of the present disclosure, the security policy corresponding to the ProSe service can be configured for the UE, so that the receiving ProSe UE and the initiating ProSe UE can establish direct communication security based on the security policy. Therefore, the security of direct communication between UEs in the ProSe service is ensured, and the security of information transmission is improved.
  • FIG. 18 is a schematic flowchart of a direct connection communication method provided by another embodiment of the present disclosure, which is applied to receive ProSe UE. As shown in FIG. 18, the direct connection communication method may include the following steps:
  • Step 1801 acquire the security policy corresponding to the ProSe service.
  • Step 1802 Receive the Direct Security Mode Complete message sent by the initiating ProSe UE, wherein the Direct Security Mode Complete message includes the UP security policy of the initiating ProSe UE.
  • Step 1803 determine whether the UP security policy of the initiating ProSe UE and the UP security policy of the receiving ProSe UE meet the second preset condition, and if the second preset condition is not met, then perform step 1804.
  • the signaling security policy of the initiating ProSe UE and the signaling security policy of the receiving ProSe UE do not meet the second preset condition, it means that the communication between the initiating ProSe UE and the receiving ProSe UE If there is no security policy conflict, the two are qualified to protect the direct connection, and proceed to step 1804.
  • Step 1804 determine the negotiation result of the UP security policy based on the UP security policy of the initiating ProSe UE and the UP security policy of the receiving ProSe UE.
  • Step 1805 Send a Direct Communication Accept message to the initiating ProSe UE, wherein the Direct Communication Accept message includes the negotiation result of the UP security policy.
  • the receiving ProSe UE can obtain the security policy corresponding to the ProSe service, and establish direct communication security with the initiating ProSe UE based on the obtained security policy. Therefore, in the embodiment of the present disclosure, the security policy corresponding to the ProSe service can be configured for the UE, so that the receiving ProSe UE and the initiating ProSe UE can establish direct communication security based on the security policy. Therefore, the security of direct communication between UEs in the ProSe service is ensured, and the security of information transmission is improved.
  • FIG. 19 is a schematic flowchart of a direct connection communication method provided by another embodiment of the present disclosure, which is applied to initiate a ProSe UE. As shown in FIG. 19, the direct connection communication method may include the following steps:
  • Step 1901 acquire the security policy corresponding to the ProSe service.
  • Step 1902 Send a Direct Security Mode Complete message to the receiving ProSe UE, wherein the Direct Security Mode Complete message includes the UP security policy of the initiating ProSe UE.
  • Step 1903 acquire and receive the third rejection message sent by the ProSe UE, the third rejection message is used to reject the Direct Security Mode Complete message sent by the initiating ProSe UE.
  • the initiating ProSe UE can obtain the security policy corresponding to the ProSe service, and establish direct communication security with the receiving ProSe UE based on the obtained security policy. Therefore, in the embodiment of the present disclosure, the security policy corresponding to the ProSe service can be configured for the UE, so that the receiving ProSe UE and the initiating ProSe UE can establish direct communication security based on the security policy. Therefore, the security of direct communication between UEs in the ProSe service is ensured, and the security of information transmission is improved.
  • FIG. 20 is a schematic flowchart of a direct connection communication method provided by another embodiment of the present disclosure, which is applied to initiate a ProSe UE. As shown in FIG. 20 , the direct connection communication method may include the following steps:
  • Step 2001 acquire the security policy corresponding to the ProSe service.
  • Step 2002 Send a Direct Security Mode Complete message to the receiving ProSe UE, wherein the Direct Security Mode Complete message includes the UP security policy of the ProSe UE that initiated it.
  • Step 2003 obtain and receive the Direct Communication Accept message sent by the ProSe UE, and the Direct Communication Accept message includes the negotiation result of the UP security policy.
  • the initiating ProSe UE can obtain the security policy corresponding to the ProSe service, and establish direct communication security with the receiving ProSe UE based on the obtained security policy. Therefore, in the embodiment of the present disclosure, the security policy corresponding to the ProSe service can be configured for the UE, so that the receiving ProSe UE and the initiating ProSe UE can establish direct communication security based on the security policy. Therefore, the security of direct communication between UEs in the ProSe service is ensured, and the security of information transmission is improved.
  • FIG. 21 is a schematic structural diagram of a direct-connect communication device provided by an embodiment of the present disclosure. As shown in FIG. 21 , the device 2100 may include:
  • An acquisition module 2101 configured to acquire a security policy corresponding to the ProSe service
  • the communication module 2102 is configured to establish direct connection communication security with the initiating ProSe UE based on the security policy.
  • the receiving ProSe UE can obtain the security policy corresponding to the ProSe service, and establish direct communication security with the initiating ProSe UE based on the obtained security policy. Therefore, in the embodiment of the present disclosure, the security policy corresponding to the ProSe service can be configured for the UE, so that the receiving ProSe UE and the initiating ProSe UE can establish direct communication security based on the security policy. Therefore, the security of direct communication between UEs in the ProSe service is ensured, and the security of information transmission is improved.
  • the security policy includes at least one of the following:
  • the security policy includes at least one of the following:
  • the security policy includes: REQUIRED; NOT NEEDED; PREFERRED.
  • the acquisition module is also used to:
  • the acquisition module is also used to:
  • the acquisition module is also used to:
  • the above-mentioned communication module 2102 is also used for:
  • the Direct Communication Request message sent by the initiating ProSe UE, and the Direct Communication Request message includes the signaling security policy of the initiating ProSe UE;
  • the first preset condition includes at least one of the following:
  • the strategy for initiating the signaling integrity protection of the ProSe UE is NOT NEEDED, and the strategy for receiving the signaling integrity protection of the ProSe UE is REQUIRED;
  • the strategy for initiating ProSe UE's signaling encryption protection is NOT NEEDED, and the strategy for receiving ProSe UE's signaling encryption protection is REQUIRED;
  • the strategy for initiating the signaling integrity protection of the ProSe UE is REQUIRED, and the strategy for receiving the signaling integrity protection of the ProSe UE is NOT NEEDED;
  • the strategy for initiating ProSe UE's signaling encryption protection is REQUIRED, and the strategy for receiving ProSe UE's signaling encryption protection is NOT NEEDED;
  • a first rejection message is sent to the initiating ProSe UE, where the first rejection message is used to reject the Direct Communication Request message sent by the initiating ProSe UE.
  • the above-mentioned communication module 2102 is also used for:
  • the Direct Communication Request message sent by the initiating ProSe UE, and the Direct Communication Request message includes the signaling security policy of the initiating ProSe UE;
  • the first preset condition includes at least one of the following:
  • the strategy for initiating the signaling integrity protection of the ProSe UE is NOT NEEDED, and the strategy for receiving the signaling integrity protection of the ProSe UE is REQUIRED;
  • the strategy for initiating ProSe UE's signaling encryption protection is NOT NEEDED, and the strategy for receiving ProSe UE's signaling encryption protection is REQUIRED;
  • the strategy for initiating the signaling integrity protection of the ProSe UE is REQUIRED, and the strategy for receiving the signaling integrity protection of the ProSe UE is NOT NEEDED;
  • the strategy for initiating ProSe UE's signaling encryption protection is REQUIRED, and the strategy for receiving ProSe UE's signaling encryption protection is NOT NEEDED;
  • Direct Security Mode Command message Send a direct security mode command Direct Security Mode Command message to the initiating ProSe UE, and the Direct Security Mode Command message includes the negotiation result of the signaling security policy.
  • the negotiation result of the signaling security policy includes at least one of the following:
  • the communication module 2102 is also used for:
  • the signaling integrity protection strategy of the initiating ProSe UE is NOT NEEDED, and/or, the signaling integrity protection strategy of the receiving ProSe UE is NOT NEEDED, determine the negotiation result of the signaling integrity protection strategy as NOT NEEDED;
  • the signaling integrity protection strategy of the initiating ProSe UE is REQUIRED, and/or, the signaling integrity protection strategy of the receiving ProSe UE is REQUIRED, determine the negotiation result of the signaling integrity protection strategy as REQUIRED;
  • the signaling integrity protection strategy of the initiating ProSe UE is PREFERRED, and the signaling integrity protection strategy of the receiving ProSe UE is PREFERRED, determine the negotiation result of the signaling integrity protection strategy as REQUIRED or NOT NEEDED;
  • the signaling encryption protection strategy of the initiating ProSe UE is NOT NEEDED, and/or, the signaling encryption protection strategy of the receiving ProSe UE is NOT NEEDED, and the negotiation result of the signaling encryption protection strategy is determined to be NOT NEEDED;
  • the signaling encryption protection strategy of the initiating ProSe UE is REQUIRED, and/or, the signaling encryption protection strategy of the receiving ProSe UE is REQUIRED, and the negotiation result of the signaling encryption protection strategy is determined to be REQUIRED;
  • the signaling encryption protection strategy of the initiating ProSe UE is PREFERRED
  • the signaling encryption protection strategy of the receiving ProSe UE is PREFERRED
  • the above-mentioned device is also used for:
  • the above-mentioned device is also used for:
  • the above-mentioned device is also used for:
  • the second preset condition includes at least one of the following:
  • the strategy for initiating UP integrity protection of ProSe UE is NOT NEEDED, and the strategy for receiving UP integrity protection of ProSe UE is REQUIRED;
  • the strategy of initiating UP encryption protection of ProSe UE is NOT NEEDED, and the strategy of receiving UP encryption protection of ProSe UE is REQUIRED;
  • the strategy for initiating the UP integrity protection of the ProSe UE is REQUIRED, and the strategy for receiving the UP integrity protection of the ProSe UE is NOT NEEDED;
  • the strategy for initiating UP encryption protection of ProSe UE is REQUIRED, and the strategy for receiving UP encryption protection of ProSe UE is NOT NEEDED;
  • a third rejection message is sent to the initiating ProSe UE, where the third rejection message is used to reject the Direct Security Mode Complete message sent by the initiating ProSe UE.
  • the above-mentioned device is also used for:
  • the second preset condition includes at least one of the following:
  • the strategy for initiating UP integrity protection of ProSe UE is NOT NEEDED, and the strategy for receiving UP integrity protection of ProSe UE is REQUIRED;
  • the strategy of initiating UP encryption protection of ProSe UE is NOT NEEDED, and the strategy of receiving UP encryption protection of ProSe UE is REQUIRED;
  • the strategy for initiating the UP integrity protection of the ProSe UE is REQUIRED, and the strategy for receiving the UP integrity protection of the ProSe UE is NOT NEEDED;
  • the strategy for initiating UP encryption protection of ProSe UE is REQUIRED, and the strategy for receiving UP encryption protection of ProSe UE is NOT NEEDED;
  • the Direct Communication Accept message includes the negotiation result of the UP security policy.
  • the negotiation result of the UP security policy includes at least one of the following: the negotiation result of the UP integrity protection policy; the negotiation result of the UP encryption protection policy.
  • the above-mentioned device is also used for:
  • the UP integrity protection policy of the initiating ProSe UE is NOT NEEDED, and/or, the UP integrity protection policy of the receiving ProSe UE is NOT NEEDED, determine the negotiation result of the UP integrity protection policy as NOT NEEDED;
  • the negotiation result of the UP integrity protection strategy is determined to be REQUIRED;
  • the negotiation result of the UP integrity protection policy as REQUIRED or NOT NEEDED If the UP integrity protection policy of the initiating ProSe UE is PREFERRED, and the UP integrity protection policy of the receiving ProSe UE is PREFERRED, determine the negotiation result of the UP integrity protection policy as REQUIRED or NOT NEEDED;
  • the UP encryption protection policy of the ProSe UE is initiated as NOT NEEDED, and/or, the UP encryption protection policy of the receiving ProSe UE is NOT NEEDED, and the negotiation result of the UP encryption protection policy is determined to be NOT NEEDED;
  • the strategy for initiating the UP encryption protection of the ProSe UE is REQUIRED, and/or, the strategy for receiving the UP encryption protection of the ProSe UE is REQUIRED, determine that the negotiation result of the UP encryption protection strategy is REQUIRED;
  • the negotiation result of the UP encryption protection policy is REQUIRED or NOT NEEDED.
  • the above-mentioned device is also used for:
  • Fig. 22 is a schematic structural diagram of a direct connection communication provided by another embodiment of the present disclosure. As shown in Fig. 22, the device 2200 may include:
  • An acquisition module 2201 configured to acquire a security policy corresponding to the ProSe service
  • the communication module 2202 is configured to establish direct communication security with the receiving ProSe UE based on the security policy.
  • the receiving ProSe UE can obtain the security policy corresponding to the ProSe service, and establish direct communication security with the initiating ProSe UE based on the obtained security policy. Therefore, in the embodiment of the present disclosure, the security policy corresponding to the ProSe service can be configured for the UE, so that the receiving ProSe UE and the initiating ProSe UE can establish direct communication security based on the security policy. Therefore, the security of direct communication between UEs in the ProSe service is ensured, and the security of information transmission is improved.
  • the security policy includes at least one of the following:
  • the security policy includes at least one of the following:
  • the security policy includes: REQUIRED; NOT NEEDED; PREFERRED.
  • the acquisition module is also used to:
  • the acquisition module is also used to:
  • the acquisition module is also used to:
  • the above-mentioned communication module 2202 is also used for:
  • the Direct Communication Request message includes the signaling security policy of the ProSe UE that initiated it;
  • the ProSe UE Acquire and receive the first rejection message sent by the ProSe UE, where the first rejection message is used to reject the Direct Communication Request message sent by the ProSe UE.
  • the above-mentioned communication module 2202 is also used for:
  • the Direct Communication Request message includes the signaling security policy of the ProSe UE that initiated it;
  • the Direct Security Mode Command includes the negotiation result of the signaling security policy.
  • the above-mentioned communication module 2202 is also used for:
  • the negotiation result of the signaling security policy includes at least one of the following:
  • the above-mentioned device is also used for:
  • the above-mentioned device is also used for:
  • the Direct Security Mode Complete message includes the UP security policy of the ProSe UE that initiated it;
  • the above-mentioned device is also used for:
  • the Direct Security Mode Complete message includes the UP security policy of the ProSe UE that initiated it;
  • the Direct Communication Accept message includes the negotiation result of the UP security policy.
  • the above-mentioned device is also used for:
  • the computer storage medium provided by the embodiments of the present disclosure stores an executable program; after the executable program is executed by the processor, it can realize to any of the methods shown in Figure 20.
  • the present disclosure also proposes a computer program product, including a computer program.
  • a computer program product including a computer program.
  • the computer program When the computer program is executed by a processor, the computer program as shown in FIGS. 1 to 8, 17 to 18 or 9 to 16, The method shown in any one of Fig. 19 to Fig. 20.
  • the present disclosure also proposes a computer program.
  • the program When the program is executed by a processor, the computer program shown in FIG. 1 to FIG. 8 , FIG. 20 any one of the methods shown.
  • Fig. 19 is a block diagram of a user equipment UE1900 provided by an embodiment of the present disclosure.
  • the UE 1900 may be a mobile phone, a computer, a digital broadcasting terminal device, a messaging device, a game console, a tablet device, a medical device, a fitness device, a personal digital assistant, and the like.
  • UE2300 may include at least one of the following components: a processing component 2302, a memory 2304, a power supply component 2306, a multimedia component 2308, an audio component 2310, an input/output (I/O) interface 2312, a sensor component 2313, and a communication component 2316.
  • a processing component 2302 may include at least one of the following components: a processing component 2302, a memory 2304, a power supply component 2306, a multimedia component 2308, an audio component 2310, an input/output (I/O) interface 2312, a sensor component 2313, and a communication component 2316.
  • a processing component 2302 may include at least one of the following components: a processing component 2302, a memory 2304, a power supply component 2306, a multimedia component 2308, an audio component 2310, an input/output (I/O) interface 2312, a sensor component 2313, and a communication component 2316.
  • I/O input/output
  • the processing component 2302 generally controls the overall operations of the UE 2300, such as those associated with display, phone calls, data communications, camera operations, and recording operations.
  • the processing component 2302 may include at least one processor 2320 to execute instructions to complete all or part of the steps of the above-mentioned method.
  • processing component 2302 can include at least one module to facilitate interaction between processing component 2302 and other components.
  • processing component 2302 may include a multimedia module to facilitate interaction between multimedia component 2308 and processing component 2302 .
  • the memory 2304 is configured to store various types of data to support operations at the UE 2300 . Examples of such data include instructions for any application or method operating on the UE2300, contact data, phonebook data, messages, pictures, videos, etc.
  • the memory 2304 can be realized by any type of volatile or non-volatile storage device or their combination, such as static random access memory (SRAM), electrically erasable programmable read-only memory (EEPROM), erasable Programmable Read Only Memory (EPROM), Programmable Read Only Memory (PROM), Read Only Memory (ROM), Magnetic Memory, Flash Memory, Magnetic or Optical Disk.
  • SRAM static random access memory
  • EEPROM electrically erasable programmable read-only memory
  • EPROM erasable Programmable Read Only Memory
  • PROM Programmable Read Only Memory
  • ROM Read Only Memory
  • Magnetic Memory Flash Memory
  • Magnetic or Optical Disk Magnetic Disk
  • the power supply component 2306 provides power to various components of the UE 2300.
  • Power component 2306 may include a power management system, at least one power supply, and other components associated with generating, managing, and distributing power for UE 2300 .
  • the multimedia component 2308 includes a screen providing an output interface between the UE 2300 and the user.
  • the screen may include a liquid crystal display (LCD) and a touch panel (TP). If the screen includes a touch panel, the screen may be implemented as a touch screen to receive input signals from a user.
  • the touch panel includes at least one touch sensor to sense touch, slide, and gestures on the touch panel. The touch sensor may not only sense a boundary of a touch or slide action, but also detect a wake-up time and pressure related to the touch or slide operation.
  • the multimedia component 2308 includes a front camera and/or a rear camera. When UE2300 is in operation mode, such as shooting mode or video mode, the front camera and/or rear camera can receive external multimedia data. Each front camera and rear camera can be a fixed optical lens system or have focal length and optical zoom capability.
  • the audio component 2310 is configured to output and/or input audio signals.
  • the audio component 2310 includes a microphone (MIC), which is configured to receive an external audio signal when the UE 2300 is in an operation mode, such as a call mode, a recording mode, and a voice recognition mode. Received audio signals may be further stored in memory 2304 or sent via communication component 2316 .
  • the audio component 2310 also includes a speaker for outputting audio signals.
  • the I/O interface 2312 provides an interface between the processing component 2302 and a peripheral interface module, which may be a keyboard, a click wheel, a button, and the like. These buttons may include, but are not limited to: a home button, volume buttons, start button, and lock button.
  • the sensor component 2313 includes at least one sensor, which is used to provide various aspects of state assessment for the UE 2300 .
  • the sensor component 2313 can detect the open/close state of the device 2300, the relative positioning of components, such as the display and the keypad of the UE2300, the sensor component 2313 can also detect the position change of the UE2300 or a component of the UE2300, and the user and Presence or absence of UE2300 contact, UE2300 orientation or acceleration/deceleration and temperature change of UE2300.
  • the sensor assembly 2313 may include a proximity sensor configured to detect the presence of nearby objects in the absence of any physical contact.
  • the sensor assembly 2313 may also include an optical sensor, such as a CMOS or CCD image sensor, for use in imaging applications.
  • the sensor component 2313 may also include an acceleration sensor, a gyro sensor, a magnetic sensor, a pressure sensor or a temperature sensor.
  • Communication component 2316 is configured to facilitate wired or wireless communications between UE 2300 and other devices.
  • UE2300 can access wireless networks based on communication standards, such as WiFi, 2G or 3G, or their combination.
  • the communication component 2316 receives broadcast signals or broadcast related information from an external broadcast management system via a broadcast channel.
  • the communication component 2316 also includes a near field communication (NFC) module to facilitate short-range communication.
  • NFC near field communication
  • the NFC module may be implemented based on Radio Frequency Identification (RFID) technology, Infrared Data Association (IrDA) technology, Ultra Wide Band (UWB) technology, Bluetooth (BT) technology and other technologies.
  • RFID Radio Frequency Identification
  • IrDA Infrared Data Association
  • UWB Ultra Wide Band
  • Bluetooth Bluetooth
  • UE2300 may be powered by at least one Application Specific Integrated Circuit (ASIC), Digital Signal Processor (DSP), Digital Signal Processing Device (DSPD), Programmable Logic Device (PLD), Field Programmable Gate Array ( FPGA), controller, microcontroller, microprocessor or other electronic components for implementing the above method.
  • ASIC Application Specific Integrated Circuit
  • DSP Digital Signal Processor
  • DSPD Digital Signal Processing Device
  • PLD Programmable Logic Device
  • FPGA Field Programmable Gate Array
  • controller microcontroller, microprocessor or other electronic components for implementing the above method.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)

Abstract

La présente invention concerne un procédé et un appareil de communication directe, un équipement utilisateur et un support de stockage, qui ont trait au domaine technique des communications. Le procédé comprend les étapes suivantes: l'acquisition par un équipement utilisateur de réception de service basé sur la proximité (ProSe) d'une politique de sécurité correspondant à un service ProSe; et, sur la base de la politique de sécurité acquise, l'établissement d'une sécurité de communication directe avec un équipement utilisateur de service ProSe initiateur. Par conséquent, la sécurité de communication directe entre des équipements utilisateurs dans un service ProSe est garantie, permettant ainsi d'améliorer la sécurité de la transmission d'information.
PCT/CN2021/109087 2021-07-28 2021-07-28 Procédé et appareil de communication directe, équipement utilisateur et support de stockage WO2023004656A1 (fr)

Priority Applications (3)

Application Number Priority Date Filing Date Title
EP21951268.8A EP4380294A1 (fr) 2021-07-28 2021-07-28 Procédé et appareil de communication directe, équipement utilisateur et support de stockage
PCT/CN2021/109087 WO2023004656A1 (fr) 2021-07-28 2021-07-28 Procédé et appareil de communication directe, équipement utilisateur et support de stockage
CN202180002265.3A CN115885533A (zh) 2021-07-28 2021-07-28 一种直连通信方法、装置、用户设备及存储介质

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2021/109087 WO2023004656A1 (fr) 2021-07-28 2021-07-28 Procédé et appareil de communication directe, équipement utilisateur et support de stockage

Publications (1)

Publication Number Publication Date
WO2023004656A1 true WO2023004656A1 (fr) 2023-02-02

Family

ID=85086006

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2021/109087 WO2023004656A1 (fr) 2021-07-28 2021-07-28 Procédé et appareil de communication directe, équipement utilisateur et support de stockage

Country Status (3)

Country Link
EP (1) EP4380294A1 (fr)
CN (1) CN115885533A (fr)
WO (1) WO2023004656A1 (fr)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105264816A (zh) * 2013-05-16 2016-01-20 三星电子株式会社 执行用于设备对设备通信的发现的方法和装置
US20180375647A1 (en) * 2015-12-22 2018-12-27 Nokia Technologies Oy Flexible security channel establishment in d2d communications

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105264816A (zh) * 2013-05-16 2016-01-20 三星电子株式会社 执行用于设备对设备通信的发现的方法和装置
US20180375647A1 (en) * 2015-12-22 2018-12-27 Nokia Technologies Oy Flexible security channel establishment in d2d communications

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
"3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; Study on security aspects of 3GPP support for advanced Vehicle-to-Everything (V2X) services (Release 16)", 3GPP STANDARD; TECHNICAL SPECIFICATION; 3GPP TR 33.836, 3RD GENERATION PARTNERSHIP PROJECT (3GPP), MOBILE COMPETENCE CENTRE ; 650, ROUTE DES LUCIOLES ; F-06921 SOPHIA-ANTIPOLIS CEDEX ; FRANCE, no. V16.1.0, 25 September 2020 (2020-09-25), Mobile Competence Centre ; 650, route des Lucioles ; F-06921 Sophia-Antipolis Cedex ; France , pages 1 - 51, XP051961170 *
QUALCOMM INCORPORATED: "Proposed text for security establishment clause of NR PC5 unicast security", 3GPP DRAFT; S3-200347, 3RD GENERATION PARTNERSHIP PROJECT (3GPP), MOBILE COMPETENCE CENTRE ; 650, ROUTE DES LUCIOLES ; F-06921 SOPHIA-ANTIPOLIS CEDEX ; FRANCE, vol. SA WG3, no. e-meeting; 20200302 - 20200306, 21 February 2020 (2020-02-21), Mobile Competence Centre ; 650, route des Lucioles ; F-06921 Sophia-Antipolis Cedex ; France , XP051855082 *

Also Published As

Publication number Publication date
CN115885533A (zh) 2023-03-31
EP4380294A1 (fr) 2024-06-05

Similar Documents

Publication Publication Date Title
WO2018129940A1 (fr) Procédé de commande d'état pour équipement utilisateur, dispositif, équipement utilisateur et station de base
US20220295590A1 (en) Inactivity timer control method and device
US11805562B2 (en) User device pairing method and apparatus
WO2021081796A1 (fr) Procédé et appareil de réception de signalisation de radiomessagerie, et procédé et appareil de transmission de signalisation de radiomessagerie
WO2023004656A1 (fr) Procédé et appareil de communication directe, équipement utilisateur et support de stockage
CN113170474B (zh) 资源配置方法、装置、终端设备、接入网设备及存储介质
WO2023245354A1 (fr) Procédé et appareil de protection de sécurité, dispositif de communication et support de stockage
WO2023004655A1 (fr) Procédé et appareil de communication, équipement utilisateur, station de base, dispositif de coeur de réseau et support de stockage
WO2024055329A1 (fr) Procédé et appareil de communication sans fil pour services de proximité (prose), et dispositif de communication et support de stockage
WO2019153236A1 (fr) Procédé, appareil et système pour établir une connexion entre un terminal et un cœur de réseau auquel accéder
WO2022236627A1 (fr) Procédé et appareil d'indication, et équipement utilisateur, station de base, dispositif de réseau central et support de stockage
WO2022222086A1 (fr) Procédé et appareil de transmission d'information, et équipement utilisateur, dispositif de réseau d'accès, réseau central et support de stockage
WO2023070685A1 (fr) Procédé et appareil de communication par relais, dispositif de communication et support de stockage
WO2022165633A1 (fr) Procédé et appareil pour déterminer un groupe de radiorecherches d'utilisateur, équipement d'utilisateur et support de stockage
WO2023220893A1 (fr) Procédé et appareil de communication par relais, dispositif de communication et support de stockage
WO2023070560A1 (fr) Procédé et appareil de transmission d'informations, et dispositif de communication et support de stockage
WO2024031390A1 (fr) Procédé et appareil de mise à jour d'informations de réseau iot personnel, dispositif de communication et support de stockage
WO2018184170A1 (fr) Procédé, appareil, dispositif et station de base destinés à être utilisés pour réaliser un guidage d'un dispositif de l'internet des objets
WO2023070509A1 (fr) Procédé et appareil de traitement d'informations, dispositif de communication et support de stockage
US20230254758A1 (en) Access control method and communication device, and storage medium
WO2022257144A1 (fr) Procédé et appareil de configuration d'informations, équipement utilisateur, station de base et support de stockage
WO2024016349A1 (fr) Procédé et appareil pour fournir un service de détection, dispositif de communication et support d'enregistrement
WO2024044916A1 (fr) Procédé et appareil de rapport de bsr, dispositif de communication et support de stockage
WO2024036495A1 (fr) Procédés et appareils de traitement d'informations, dispositif de communication et support de stockage
WO2023141771A1 (fr) Procédé et appareil de fourniture de service de détection, dispositif de communication et support de stockage

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 21951268

Country of ref document: EP

Kind code of ref document: A1

WWE Wipo information: entry into national phase

Ref document number: 2021951268

Country of ref document: EP

NENP Non-entry into the national phase

Ref country code: DE

ENP Entry into the national phase

Ref document number: 2021951268

Country of ref document: EP

Effective date: 20240228